github/capsule
1
0
Fork 0
mirror of https://github.com/projectcapsule/capsule.git synced 2026-03-04 10:40:30 +00:00
Code Issues Packages Projects Releases Wiki Activity
703 Commits 22 Branches 103 Tags
v0.3.1
Commit Graph

35 Commits

Author SHA1 Message Date
Dario Tranchitella
43bd2491ae refactor(api): switching to v1beta2 as storage version 2022-12-27 17:53:17 +01:00
Dario Tranchitella
4835b94839 style: conforming go files headers 2022-12-26 14:27:26 +01:00
Dario Tranchitella
75525ac192 fix: preventing serviceaccount privilege escalation 2022-12-02 15:19:06 +01:00
Maksim Fedotov
3c9228d1aa fix: protectedHandler OnDelete get tenant using client 2022-05-18 18:06:10 +02:00
Maksim Fedotov
23564f8e40 feat: protected tenant annotation 2022-05-18 18:06:10 +02:00
Dario Tranchitella
a8b84c8cb3 fix: using sentinel error for non limited custom resource 2022-05-16 15:51:07 +00:00
Dario Tranchitella
49e76f7f93 style: linters refactoring 2022-05-05 13:33:39 +00:00
Pandry
d4a5f3beca fix: validate regex patterns in annotations #510 2022-02-22 06:11:49 +00:00
Dario Tranchitella
e53911942d feat: limiting amount of resources deployed in a tenant 2021-12-23 11:39:34 +00:00
Oliver Bähler
5c7804e1bf fix: add rolebinding validation against rfc-1123 dns for sa subjects 
Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>
 2021-11-12 11:22:26 +01:00
Maksim Fedotov
422b6598ba fix: check if user is a member of capsuleUserGroup instead of tenantOwner when cordoning a tenant 2021-09-15 11:14:39 +02:00
Dario Tranchitella
94c6a64fcb fix: validating Tenant owner name when is a ServiceAccount 2021-09-04 14:17:06 +02:00
Dario Tranchitella
df08c9e63e refactor: hostname collision is now managed at Tenant level 2021-08-12 19:30:27 +02:00
Dario Tranchitella
09277e9f3d feat: Ingress hostname collision scope at Tenant level 2021-08-12 19:30:27 +02:00
Dario Tranchitella
01053d5deb refactor: renaming struct field names for allowed hostnames and classes 2021-08-12 19:30:27 +02:00
Dario Tranchitella
b749e34547 refactor: grouping Ingress options into defined struct 2021-08-12 19:30:27 +02:00
Maksim Fedotov
e6b433dcd7 feat(v1beta1): update code to use v1beta1 version 2021-07-02 10:14:06 +02:00
Dario Tranchitella
ba07f99c6e refactor!: using multiple handers per route 2021-06-27 22:36:55 +02:00
Dario Tranchitella
7574335a8a refactor: using separated webhooks for Namespace handling 2021-06-24 13:47:43 +02:00
Dario Tranchitella
b3c6082a1e feat: providing event for Tenant cordoning 2021-06-24 13:47:43 +02:00
Dario Tranchitella
8804496bb2 feat: cordoning Tenant webhook 2021-06-24 13:47:43 +02:00
Dario Tranchitella
5de0a6d712 # This is a combination of 2 commits. 
# This is the 1st commit message:

feat: cordoning Tenant webhook

# The commit message #2 will be skipped:

# 5cc
 2021-06-24 13:47:43 +02:00
Dario Tranchitella
531cc4cf14 refactor: renaming Tenant webhook handler 2021-06-24 13:47:43 +02:00
Dario Tranchitella
accd9ca038 feat: emitting events for policies violations 2021-06-15 21:42:39 +02:00
Dario Tranchitella
7c1592e739 chore(license): switching over SPDX license header (#280) 2021-06-03 19:46:20 +02:00
Dario Tranchitella
3570b02427 feat!: using CapsuleConfiguration CRD with reload at runtime 2021-05-31 16:15:44 +02:00
Dario Tranchitella
c22cb6cc88 refactor: moving to admission/v1 for Kubernetes +1.16 2021-05-14 13:55:51 +02:00
Ludovico Russo
34c958371b refactor: better name variables in pkg/webhook/tenant 2021-05-04 17:49:13 +02:00
Dario Tranchitella
dfb7a5e227 feat: allowing Tenants with collided Ingress hostnames 
A new flag (`--allow-tenant-ingress-hostnames-collision`) is added,
defaulted to false: when toggled, Capsule will not check if each
declared hostname in `.spec.IngressHostnames.allowed` is already in use
on any other Tenant.
 2021-03-06 16:58:44 +01:00
Dario Tranchitella
16906db309 Validating Tenant also on UPDATE (#191) 2021-01-21 07:11:59 +01:00
Dario Tranchitella
d2700556dd Adding linters and aligning code (#169) 
* Adding linters and aligning code

* Aligning ingressHostnames to AllowedListSpec
 2021-01-13 23:49:11 +01:00
Paolo Carta
89c66de7c6 Implementing allowed Ingress hostnames (#162) 
Co-authored-by: Dario Tranchitella <dario@tranchitella.eu>
 2021-01-13 22:18:09 +01:00
Dario Tranchitella
007bdff512 Only owner Tenant specification key is mandatory (#153) 
* Only Tenant owner specification key is mandatory

* Increasing default timeout to avoid e2e flakiness on GH Actions

* Ensuring also empty Namespace annotations and labels
 2020-12-11 15:47:29 +01:00
Dario Tranchitella
e764b976aa Allowing dash on Tenant namespace (#118) 
* Allowing dashes in the Tenant name as DNS RFC-1123

* Allowing force tenant prefix with Namespaces with dash
 2020-10-31 19:43:46 +01:00
Maxim Fedotov
875650f185 Regexp support for Ingress and Storage classes (#89) 
Co-authored-by: Maksim Fedotov <m_fedotov@wargaming.net>
 2020-09-15 11:08:14 +02:00